Ikotas Labs, Inc. / News
Vulnerability research, competitions, and insights from the front lines of offensive security.
Firefox 151.0 Vulnerability Discovery and Disclosure (CVE-2026-8947, CVE-2026-8964)
Our member discovered vulnerabilities in Firefox's DOM: Bindings (WebIDL) and Popup Blocker components and reported them to Mozilla.
Read more →
Pwn2Own Berlin 2026 Day 3: Exploited an AI Agent, Earning $20,000 and 4 Master of Pwn Points (OpenAI Codex)
Our member competed on day 3 of Pwn2Own Berlin 2026 and successfully exploited OpenAI Codex, an AI coding agent.
Read more →
Pwn2Own Berlin 2026 Day 1: Earned $28,000 and 3.75 Master of Pwn Points (Megatron Bridge, LiteLLM)
Our member competed on day 1 of Pwn2Own Berlin 2026 and successfully exploited NVIDIA Megatron Bridge and LiteLLM.
Read more →
Discovery and Disclosure of an RxGK Variant in the Linux Kernel Privilege Escalation Vulnerability Family "Dirty Frag"
Our member discovered a new privilege escalation variant of the Dirty Frag family in the Linux kernel's RxRPC RxGK security class.
Read more →
Firefox 150.0 Vulnerability Discovery and Disclosure (CVE-2026-6768, CVE-2026-6769)
Our member discovered vulnerabilities in Firefox's Networking: Cookies and Debugger components and reported them to Mozilla.
Read more →
Firefox 149.0 Vulnerability Discovery and Disclosure (CVE-2026-4717)
Our member discovered a privilege escalation vulnerability in Firefox's Netmonitor component and reported it to Mozilla.
Read more →
Victory at Ministry of Defense Cyber Contest 2026
Our team won the general category of the Ministry of Defense Cyber Contest 2026.
Read more →
1st & 2nd Place at Singapore AI Safety Red Teaming Challenge 2026
Our members took 1st and 2nd place at the Singapore AI Safety Red Teaming Challenge 2026.
Read more →